path: root/tests/functional/user_password_reset_test.php
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/

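/**
* Functional test of the "forgot password" flow: requesting a reset through
* ucp.php?mode=sendpassword, activating the new password through
* ucp.php?mode=activate, and logging in afterwards.
*
* The tests share state through the database. The user is created only in
* test_password_reset() and later tests look it up by name, so they rely on
* running in declaration order.
*
* @group functional
*/
class phpbb_functional_user_password_reset_test extends phpbb_functional_test_case
{
	// Row of the test user as last read by get_user_data()
	protected $user_data;

	/**
	* Request a password reset and pin the pending password to a known value.
	*
	* A request without an email address must be answered with NO_EMAIL_USER;
	* a request with username and email must be answered with PASSWORD_UPDATED
	* and leave an activation key and a pending password hash in the users table.
	*/
	public function test_password_reset()
	{
		$this->add_lang('ucp');
		$user_id = $this->create_user('reset-password-test-user');

		// Username alone is not enough to trigger a reset
		$crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}");
		$form = $crawler->selectButton('submit')->form(array(
			'username'	=> 'reset-password-test-user',
		));
		$crawler = self::submit($form);
		$this->assertContainsLang('NO_EMAIL_USER', $crawler->text());

		// Username together with the email address is accepted
		$crawler = self::request('GET', "ucp.php?mode=sendpassword&sid={$this->sid}");
		$form = $crawler->selectButton('submit')->form(array(
			'username'	=> 'reset-password-test-user',
			'email'		=> 'nobody@example.com',
		));
		$crawler = self::submit($form);
		$this->assertContainsLang('PASSWORD_UPDATED', $crawler->text());

		// Check if columns in database were updated for password reset
		// NOTE(review): assertNotNull only rules out NULL; if these columns default
		// to an empty string the checks pass even when nothing was written - confirm
		// against the schema and consider assertNotEmpty.
		$this->get_user_data();
		$this->assertNotNull($this->user_data['user_actkey']);
		$this->assertNotNull($this->user_data['user_newpasswd']);

		// Make sure we know the password: the generated one is not visible to the
		// test, so the pending hash is overwritten with the hash of a known value.
		$db = $this->get_db();
		// NOTE(review): passwords_manager is not declared in this class; confirm the
		// parent declares it, otherwise this creates a dynamic property.
		$this->passwords_manager = $this->get_passwords_manager();
		$sql = 'UPDATE ' . USERS_TABLE . "
			SET user_newpasswd = '" . $db->sql_escape($this->passwords_manager->hash('reset-password-test-user')) . "'
			WHERE user_id = " . (int) $user_id;
		$db->sql_query($sql);
	}

	/**
	* Log in through the login() helper after the reset was requested.
	*
	* This runs before the activation tests, so it exercises the state in which
	* the new password is pending but not yet activated.
	*/
	public function test_login_after_reset()
	{
		$this->login('reset-password-test-user');
	}

	/**
	* Data sets for test_activate_new_password().
	*
	* Each row is (expected language key, user id, activation key). A value of
	* false means "use the value stored for the test user".
	*
	* @return array
	*/
	public function data_activate_new_password()
	{
		return array(
			// Right user, wrong key: activation must be refused
			array('WRONG_ACTIVATION', false, 'FOOBAR'),
			// Another user id (presumably one without a pending reset) with an arbitrary key
			array('ALREADY_ACTIVATED', 2, 'FOOBAR'),
			// Right user, right key: activation succeeds
			array('PASSWORD_ACTIVATED', false, false),
			// Same request again: an activation link must not be usable twice
			array('ALREADY_ACTIVATED', false, false),
		);
	}

	/**
	* Call the activation URL and check the message shown.
	*
	* @dataProvider data_activate_new_password
	*
	* @param string $expected Language key expected in the response
	* @param int|bool $user_id User id to send, false for the test user's id
	* @param string|bool $act_key Activation key to send, false for the stored key
	*/
	public function test_activate_new_password($expected, $user_id, $act_key)
	{
		$this->add_lang('ucp');
		$this->get_user_data();
		$user_id = (!$user_id) ? $this->user_data['user_id'] : $user_id;
		$act_key = (!$act_key) ? $this->user_data['user_actkey'] : $act_key;

		$crawler = self::request('GET', "ucp.php?mode=activate&u=$user_id&k=$act_key&sid={$this->sid}");
		$this->assertContainsLang($expected, $crawler->text());
	}

	/**
	* After activation the new password must log in and the previous one must not.
	*/
	public function test_login()
	{
		$this->add_lang('ucp');
		$crawler = self::request('GET', 'ucp.php');
		$this->assertContains($this->lang('LOGIN_EXPLAIN_UCP'), $crawler->filter('html')->text());

		// Log in with the password set in test_password_reset()
		$form = $crawler->selectButton($this->lang('LOGIN'))->form();
		$crawler = self::submit($form, array('username' => 'reset-password-test-user', 'password' => 'reset-password-test-user'));
		$this->assertNotContains($this->lang('LOGIN'), $crawler->filter('.navbar')->text());

		$cookies = self::$cookieJar->all();

		// The session id is stored in a cookie that ends with _sid - we assume there is only one such cookie.
		// The loop header previously ended in a stray semicolon, so the body ran once
		// for the last cookie only; every cookie is inspected now.
		foreach ($cookies as $cookie)
		{
			if (substr($cookie->getName(), -4) === '_sid')
			{
				$this->sid = $cookie->getValue();
			}
		}

		$this->logout();

		$crawler = self::request('GET', 'ucp.php');
		$this->assertContains($this->lang('LOGIN_EXPLAIN_UCP'), $crawler->filter('html')->text());

		$form = $crawler->selectButton($this->lang('LOGIN'))->form();
		// Try logging in with the old password (presumably the one create_user() assigned)
		$crawler = self::submit($form, array('username' => 'reset-password-test-user', 'password' => 'reset-password-test-userreset-password-test-user'));
		$this->assertContains($this->lang('LOGIN_ERROR_PASSWORD', '', ''), $crawler->filter('html')->text());
	}

	/**
	* Load the test user's row from the users table into $this->user_data.
	*
	* The username in the query is a fixed literal, not external input.
	*/
	protected function get_user_data()
	{
		$db = $this->get_db();
		$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason
			FROM ' . USERS_TABLE . "
			WHERE username = 'reset-password-test-user'";
		$result = $db->sql_query($sql);
		$this->user_data = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);
	}
}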